Description of problem: We have found out that creating a route with host 'localhost' can freeze subsequent router reloads IF AND ONLY IF the environment variable ROUTER_USE_PROXY_PROTOCOL is not set. Version-Release number of selected component (if applicable): v3.6.173.0.96 How reproducible: always if ROUTER_USE_PROXY_PROTOCOL is not set Steps to Reproduce: - Ensure your router does not have ROUTER_USE_PROXY_PROTOCOL environment variable set - Create a route with 'localhost' hostname that can be admitted on routers. For instance, the one issued by this command: oc create route edge localhost-route --hostname=localhost --service=internetcheck --insecure-policy=Allow - Try to create/delete other routes so that a reload is forced. You will see errors and reloads will fail. Actual results: Errors seen at logs are like the following: E0131 16:00:58.114791 1 ratelimiter.go:52] error reloading router: exit status 1 [WARNING] 030/160028 (360) : parsing [/var/lib/haproxy/conf/haproxy.config:35] : 'option httplog' not usable with frontend 'public_ssl' (needs 'mode http'). Falling back to 'option tcplog'. - Checking http://localhost:2080 ... - Exceeded max wait time (30) in health check - 58 retry attempt(s). Expected results: Something (safety checks?) to prevent this situation from happening. Additional info:
Commits pushed to master at https://github.com/openshift/origin https://github.com/openshift/origin/commit/14191dfb9e6ce1d44e30b270b4b02db99fd5883f Change the haproxy reload detection to tolerate routes named localhost This changes the reload-haproxy script to explicitly pass no hostname in the http headers so that if a route is created named 'localhost' the reload does not match that route. Fixes bug 1542612 (https://bugzilla.redhat.com/show_bug.cgi?id=1542612) https://github.com/openshift/origin/commit/e040f08fd5f3aaf3fb5a7364a38699764e244823 Merge pull request #18539 from knobunc/bug/bz1542612-fix-reload-detection Automatic merge from submit-queue (batch tested with PRs 18423, 18255, 18526, 18539, 18509). Change the haproxy reload detection to tolerate routes named localhost This changes the reload-haproxy script to explicitly pass no hostname in the http headers so that if a route is created named 'localhost' the reload does not match that route. Fixes bug 1542612 (https://bugzilla.redhat.com/show_bug.cgi?id=1542612)
Verified this bug on v3.9.0-0.47.0 steps: 1. oc create route edge localhost-route --hostname=localhost --service=service-unsecure --insecure-policy=Allow 2. oc create route edge test --service=service-unsecure 3. oc delete route test 4. check the router logs
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0489